Thanks to the 1Password Watchtower feature, I’ve realized that many of my passwords need to be updated due to the HeartBleed Bug. While I’m at it creating new passwords, I’ve been upping the length of them. I’m continually frustrated by sites that refuse to list character max lengths and ones that don’t pre publish the acceptable character lists. Some won’t even tell why the password is unacceptable until after you try to save it.
My personal favorite was (site to be unnamed) allowed me to change the password to a 24 char length password. But they failed to warn me that the max length is 20 chars. So the password “saved” but I now did not know what it was. Nothing is more fun then wasting time going through the password reset scenario to find the 20 char limit.
So to all the web developers ( and the business types that make the dumb aesthetic decisions), please give us your password requirements clearly up front. Thanks!